Corporate Risk, Security Operations Center

In a recent survey conducted by Forrester Consulting, several hundred security, risk and compliance decision-makers were asked to define their concept of “real-time information.” Seventy-five percent said they’d define real-time information as data from today or older. A little over 1 in 5 said they’d define it as data from the current month.

Just 16 percent of respondents said they’d define real-time information as data from the past few minutes or less.

That distinction is crucial for security leaders, as their security operations centers (SOCs) rely on real-time information as the catalyst for their workflows.

Real-time information supports that work in three key ways: protect, anticipate, and communicate.

Leverage real-time information to mitigate harm to employees and customers 

The primary role of security and risk leaders is to protect their organization’s employees and customers.

By having access to information about relevant events as they happen, SOC teams are able to rapidly assess whether a potential crisis will impact the organization; determine the safety of employees, customers, and assets; and assess whether there will be any enduring impacts to business continuity.

With information that is truly received in real time, the SOC team is able to remain ahead of the event. By the time the information reaches the public domain via traditional channels like media, the team has already identified the risk and cascaded recommendations to stakeholders.

There is a significant premium attached to being able to identify risks and events as soon as possible. Here at Dataminr, real-time alerts are issued in close proximity to the time at which events occur—often within seconds. Receiving such information in real time means SOCs can stay ahead of the event and quickly and effectively protect their people and assets.

Gain the context needed to understand and respond to high-impact events effectively 

Trying to anticipate potential risk is no simple task. If you’re analyzing and gleaning insights from time-expired or irrelevant information, it’s even more difficult. We need technology to do the heavy lifting. Dataminr’s AI platform processes billions of data points each day in real time and extracts the most up-to-date information on high-impact events that are relevant to your business.

Once that information is received by the SOC team, it can do what it does best: identify and minimize the immediate risk to life and property. It can then track events as they unfold, helping to determine how the events might impact business continuity more broadly and return to business as usual as rapidly as possible.

As a result, SOCs can better identify a potential risk at its embryonic stage and before it becomes a full-blown issue or crisis.

Demonstrate the organizational value of proactive risk management 

Anticipating and protecting against risk are core SOC responsibilities. However, communicating the benefits of real-time information is as important, because it highlights the value of the SOC and allows it to be seen and understood throughout the organization and among key business partners.

For example, at a high level, explain the use of real-time information to the C-suite, and then demonstrate how it works by flagging emerging, high-impact events. They will then be able to experience firsthand how getting the data in mere seconds affords them the time to make decisions earlier and take action more quickly.

Also look to educate partners, such as the supply chain or third-party management teams, on the ways in which real-time information can be used to identify disruptive events in your organization or those of your competitors.

Clear messaging around how SOCs use real-time information to support the chief information security officer (CISO) is also critical as it helps organizations with separate cyber and physical functions move toward converged security operations.



Author
Al Bowman
April 16, 2021